+2003-08-19 Havoc Pennington <hp@pobox.com>
+
+ * dbus/dbus-message.c (decode_string_field): support FIELD_SENDER
+ (dbus_message_is_error): fix this function
+
+ * bus/dbus-daemon-1.1: clarify logic on when <deny>/<allow> rules
+ match
+
+ * bus/policy.c (bus_client_policy_check_can_receive): fix code to
+ reflect clarified man page
+ (bus_client_policy_check_can_send): ditto
+
+ * bus/session.conf.in: fixup
+
+ * bus/system.conf.in: fixup
+
2003-08-18 Havoc Pennington <hp@redhat.com>
* dbus/dbus-hash.c (_dbus_hash_table_insert_two_strings): fix
}
static void
-warn_unexpected (DBusConnection *connection,
- DBusMessage *message,
- const char *expected)
+warn_unexpected_real (DBusConnection *connection,
+ DBusMessage *message,
+ const char *expected,
+ const char *function,
+ int line)
{
- _dbus_warn ("Received message interface \"%s\" member \"%s\" error name \"%s\" on %p, expecting %s\n",
+ _dbus_warn ("%s:%d received message interface \"%s\" member \"%s\" error name \"%s\" on %p, expecting %s\n",
+ function, line,
dbus_message_get_interface (message) ?
dbus_message_get_interface (message) : "(unset)",
dbus_message_get_member (message) ?
expected);
}
+#define warn_unexpected(connection, message, expected) \
+ warn_unexpected_real (connection, message, expected, _DBUS_FUNCTION_NAME, __LINE__)
+
+static void
+verbose_message_received (DBusConnection *connection,
+ DBusMessage *message)
+{
+ _dbus_verbose ("Received message interface \"%s\" member \"%s\" error name \"%s\" on %p\n",
+ dbus_message_get_interface (message) ?
+ dbus_message_get_interface (message) : "(unset)",
+ dbus_message_get_member (message) ?
+ dbus_message_get_member (message) : "(unset)",
+ dbus_message_get_error_name (message) ?
+ dbus_message_get_error_name (message) : "(unset)",
+ connection);
+}
+
typedef struct
{
const char *expected_service_name;
goto out;
}
- _dbus_verbose ("Received message %p on %p\n",
- message, connection);
+ verbose_message_received (connection, message);
if (!dbus_message_has_sender (message, DBUS_SERVICE_ORG_FREEDESKTOP_DBUS))
{
goto out;
}
- _dbus_verbose ("Received message %p on %p\n",
- message, connection);
+ verbose_message_received (connection, message);
if (dbus_message_get_type (message) == DBUS_MESSAGE_TYPE_ERROR)
{
goto out;
}
- _dbus_verbose ("Received message %p on %p after sending %s\n",
- message, connection, "ActivateService");
+ verbose_message_received (connection, message);
+ _dbus_verbose (" (after sending %s)\n", "ActivateService");
if (dbus_message_get_type (message) == DBUS_MESSAGE_TYPE_ERROR)
{
goto out;
}
- _dbus_verbose ("Received message %p on %p\n",
- message, connection);
+ verbose_message_received (connection, message);
if (dbus_message_get_type (message) == DBUS_MESSAGE_TYPE_ERROR)
{
if (rule->d.send.interface != NULL)
{
- if (dbus_message_get_interface (message) == NULL ||
+ if (dbus_message_get_interface (message) != NULL &&
strcmp (dbus_message_get_interface (message),
rule->d.send.interface) != 0)
{
continue;
}
}
- else if (rule->d.send.member != NULL)
+
+ if (rule->d.send.member != NULL)
{
- if (dbus_message_get_member (message) == NULL ||
+ if (dbus_message_get_member (message) != NULL &&
strcmp (dbus_message_get_member (message),
rule->d.send.member) != 0)
{
continue;
}
}
- else if (rule->d.send.error != NULL)
+
+ if (rule->d.send.error != NULL)
{
- if (dbus_message_get_error_name (message) == NULL ||
+ if (dbus_message_get_error_name (message) != NULL &&
strcmp (dbus_message_get_error_name (message),
rule->d.send.error) != 0)
{
{
BusPolicyRule *rule = link->data;
- link = _dbus_list_get_next_link (&policy->rules, link);
-
- /* Rule is skipped if it specifies a different
- * message name from the message, or a different
- * origin from the message
- */
+ link = _dbus_list_get_next_link (&policy->rules, link);
if (rule->type != BUS_POLICY_RULE_RECEIVE)
{
_dbus_verbose (" (policy) skipping non-receive rule\n");
continue;
}
-
+
if (rule->d.receive.interface != NULL)
{
- if (dbus_message_get_interface (message) == NULL ||
+ if (dbus_message_get_interface (message) != NULL &&
strcmp (dbus_message_get_interface (message),
rule->d.receive.interface) != 0)
{
_dbus_verbose (" (policy) skipping rule for different interface\n");
continue;
}
- }
- else if (rule->d.receive.member != NULL)
+ }
+
+ if (rule->d.receive.member != NULL)
{
- if (dbus_message_get_member (message) == NULL ||
+ if (dbus_message_get_member (message) != NULL &&
strcmp (dbus_message_get_member (message),
rule->d.receive.member) != 0)
{
continue;
}
}
- else if (rule->d.receive.error != NULL)
+
+ if (rule->d.receive.error != NULL)
{
- if (dbus_message_get_error_name (message) == NULL ||
+ if (dbus_message_get_error_name (message) != NULL &&
strcmp (dbus_message_get_error_name (message),
rule->d.receive.error) != 0)
{
<policy context="default">
<!-- Allow everything -->
- <allow send="*"/>
- <allow receive="*"/>
+ <allow send_interface="*"/>
+ <allow receive_interface="*"/>
<allow own="*"/>
<allow user="*"/>
</policy>
<policy context="default">
<!-- Deny everything then punch holes -->
- <deny send="*"/>
- <deny receive="*"/>
+ <deny send_interface="*"/>
+ <deny receive_interface="*"/>
<deny own="*"/>
<!-- But allow all users to connect -->
<allow user="*"/>
<!-- Allow anyone to talk to the message bus -->
<!-- FIXME I think currently these allow rules are always implicit
even if they aren't in here -->
- <allow send_to="org.freedesktop.DBus"/>
- <allow receive_from="org.freedesktop.DBus"/>
+ <allow send_service="org.freedesktop.DBus"/>
+ <allow receive_service="org.freedesktop.DBus"/>
</policy>
<!-- Config files are placed here that among other things, punch
if (dbus_message_get_type (message) != DBUS_MESSAGE_TYPE_ERROR)
return FALSE;
- n = dbus_message_get_member (message);
+ n = dbus_message_get_error_name (message);
if (n && strcmp (n, error_name) == 0)
return TRUE;
return FALSE;
}
}
- else if (field == FIELD_SERVICE)
+ else if (field == FIELD_SERVICE ||
+ field == FIELD_SENDER)
{
if (!_dbus_string_validate_service (&tmp, 0, _dbus_string_get_length (&tmp)))
{
field_name, _dbus_string_get_const_data (&tmp));
return FALSE;
}
- }
+ }
else
{
_dbus_assert_not_reached ("Unknown field\n");
<servicedir>@TEST_SERVICE_DIR@</servicedir>
<auth>DBUS_COOKIE_SHA1</auth>
<policy context="default">
- <allow send="*"/>
- <allow receive="*"/>
+ <allow send_interface="*"/>
+ <allow receive_interface="*"/>
<allow own="*"/>
<allow user="*"/>
</policy>
<listen>unix:tmpdir=@TEST_SOCKET_DIR@</listen>
<servicedir>@TEST_SERVICE_DIR@</servicedir>
<policy context="default">
- <allow send="*"/>
- <allow receive="*"/>
+ <allow send_interface="*"/>
+ <allow receive_interface="*"/>
<allow own="*"/>
<allow user="*"/>
</policy>
this user can only send the one kind of message -->
<policy user="fooserviceuser">
<allow own="org.foo.FooService"/>
- <allow send="org.foo.FooBroadcastMessage"/>
+ <allow send_interface="org.foo.FooBroadcastInterface"/>
</policy>
<!-- Allow any connection to receive the message, but
only if the message is sent by the owner of FooService -->
<policy context="default">
- <allow receive="org.foo.FooBroadcastMessage" receive_from="org.foo.FooService"/>
+ <allow receive_interface="org.foo.FooBroadcastInterface" receive_service="org.foo.FooService"/>
</policy>
</busconfig>